Moltbot Security
Author: Next Frontier AI · v1.0.3
Total downloads: 2751
Favorites: 3
Current installs: 5
Versions: 4
Install in OpenClaw
/install moltbot-security
Description
Security hardening for AI agents - Moltbot, OpenClaw, Cursor, Claude. Lock down gateway, fix permissions, auth, firewalls. Essential for vibe-coding setups.
Safe Usage Recommendations
This is a practical hardening checklist, but before running anything:
1) Verify the origin — the registry metadata lists no known homepage while package.json points to a GitHub repo; inspect that repo and its author.
2) Don't blindly run curl | sh commands — fetch and review the scripts first.
3) Back up ~/.openclaw and any config files before editing or running auto-fix commands.
4) Confirm the 'openclaw' CLI is legitimate and from a trusted source before using --fix or audit commands.
5) Be cautious exporting tokens in shells; use a secrets store if possible.
Functional Analysis
Type: OpenClaw Skill
Name: moltbot-security
Version: 1.0.3
The skill's stated purpose is security hardening, which is benign. However, the `SKILL.md` file instructs the AI agent to execute several powerful system commands, including `curl -fsSL https://deb.nodesource.com/setup_22.x | sudo -E bash -`. While intended for a legitimate Node.js update from a known source, this pattern of piping a remote script to `bash` with root privileges represents a significant supply chain risk and a potential Remote Code Execution (RCE) vulnerability if the remote source were compromised. This falls under 'risky capabilities without clear malicious intent' as per the classification guidelines, making the skill suspicious.
Capability Assessment
Purpose & Capability
Name and description claim security hardening for Moltbot/OpenClaw and the SKILL.md content indeed provides firewall, auth, permissions, Node.js updates, and Tailscale guidance — that aligns with the stated purpose. However, the package metadata claims no required config paths or env vars while the instructions explicitly reference ~/.openclaw/openclaw.json and several CLAWDBOT_* environment variables. This metadata/instruction mismatch is unexpected and deserves attention.
Instruction Scope
Instructions tell the operator to read and edit sensitive config files (~/.openclaw/openclaw.json), change file permissions, export secrets (CLAWDBOT_GATEWAY_TOKEN / CLAWDBOT_GATEWAY_PASSWORD), run firewall and sshd config changes, and run 'openclaw security audit --deep --fix'. Those actions are within a hardening guide's scope, but they are high-impact (modify system files, apply fixes automatically). The guide also recommends piping remote install scripts (Tailscale, NodeSource). Ensure you trust the sources before running them and verify the CLI tooling (openclaw) exists and is from a trusted origin.
Install Mechanism
The skill is instruction-only (no install spec), which is lower risk as nothing is written by the package manager. However, the instructions recommend running third-party install scripts (curl | sh for Tailscale and NodeSource), and a homebrew command for macOS; those are external downloads executed on the host and carry the usual supply-chain risk. The package.json references a GitHub repo, but registry metadata lists source/homepage as unknown/none — inconsistent provenance information.
Credentials
The SKILL.md instructs you to set environment variables (CLAWDBOT_GATEWAY_TOKEN, CLAWDBOT_GATEWAY_PASSWORD, CLAWDBOT_DISABLE_BONJOUR) and to edit local config paths, which are reasonable for a gateway hardening guide. But the registry metadata declares no required env vars and no required config paths; this mismatch makes it unclear what secrets/config the skill expects or will operate on. No unrelated credentials are requested, but the lack of declared requirements reduces transparency.
Persistence & Privilege
The skill does not request persistent or privileged platform-level presence (always:false, no special flags). It instructs manual edits to user and system files (home config, /etc/ssh, ufw) which are expected for system hardening. It does not attempt to modify other skills or system agent configs automatically in the provided instructions.
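How to Use
- Make sure OpenClaw is installed (local or Docker deployment)
- Enter the install command in the chat box: /install moltbot-security
- Once installation completes, invoke the Skill by name or trigger it with /moltbot-security
- Provide the required input according to the Skill's parameter description to get structured output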
Version History
v1.0.3
- Skill renamed to "moltbot-security" for clarity and improved discoverability.
- Description and keywords updated to emphasize compatibility with Moltbot, OpenClaw, Cursor, Claude, and popular coding/AI tools.
- Keywords expanded to improve search relevance for security, developer, and AI tool users.
- No changes to core guides or technical instructions.
v1.0.2
Rebranded to OpenClaw
v1.0.1
SEO update: added claude, cursor, devops, infosec keywords
v1.0.0
Initial release of the moltbot-security skill.
- Provides step-by-step hardening guide for Moltbot/Clawdbot gateways.
- Covers gateway binding, authentication setup, file permissions, and firewall configuration.
- Includes real-world vulnerability context and prompt injection examples.
- Offers quick audit and auto-fix commands.
- Details secure remote access via Tailscale.
- Includes a security checklist and recommended configuration templates.
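FAQ
What is Moltbot Security?
Security hardening for AI agents - Moltbot, OpenClaw, Cursor, Claude. Lock down gateway, fix permissions, auth, firewalls. Essential for vibe-coding setups. It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 2751 total downloads to date.
How do I install Moltbot Security?
Run the command "/install moltbot-security" in the OpenClaw or Claude Code chat box to install it in one step; no additional configuration is required.
Is Moltbot Security free?
Yes, Moltbot Security is completely free (free and open source) and can be freely downloaded, installed, and used.
Which platforms does Moltbot Security support?
Moltbot Security is cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed.
Who developed Moltbot Security?
It is developed and maintained by Next Frontier AI (@nextfrontierbuilds); the current version is v1.0.3.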